NTP management scripts

I've been participating in the NTP pool project since
July 2003, and during this time, I've developed a few
scripts to help monitor and manage NTP stuff. I figure that
these scripts might be useful to others, so I'm posting them
here, but please don't expect anything fancy. The
documentation is bad, there are few comments, and they
haven't been tested on any machine other than mine. Feel
free to use the scripts for anything you want. They are in
the public domain.

This script use tcpdump to gather statistics about ntp
clients. It will then report information about the clients
as it sees new packets, and/or write a summary of all recent
clients to a "dump file" (depending on the options given).
The dump file can be used either when restarting
ntp_clients, or by ntp_clients_stats.

The options are:

Usage: ntp_clients [options]
-help Help on the options.
-dumpfile=/path/dumpfile File to read/write internal state
-startfile=/path/dumpfile File to read initial state
-interface=eth# Lan interface to monitor\n";
-verbose increase amount of information printed
by default, track only bad clients
-v will give you all clients
-v -v will give you all requests
-tcpdump=version set format of NTP trace output
-quiet don't print any info

Note that, as per the recommendations above, information
about your ntp clients will be put into your public website.
Since the information released is basically the same as is
already released by the monlist command, this should not be a
problem for most people. However if, for some reason, you
have disabled the monlist command in your ntp.conf, you
probably want to change the above defaults.

This script uses the ntp_client_stats script to generate a
one line summary of the current number of NTP clients, the
number of abusive NTP clients, and it also determines how
many times your NTP daemon is listed in the current NTP Pool
DNS.

An example result is:

03/05/05 16:35:13 1011 22 2 aventura.bhms-groep.nl zbasel.fortytwo.ch

This says that at 03/05/05 16:35:13, there were 1011 active ntp
clients, of which 22 were "abusive". My ntp server was
found in two of the half-dozen or so pool name servers.

Since the output is very short, this script is useful for
accumulating long term data about the clients. (See the
crontab entry mentioned above.)

NTP daemon sanity checker scripts

This script grunges through your ntp logs and calculates a
"good" value for your /var/lib/ntp/ntp.drift file. While ntp
will update this file for you, calc_ntp_good looks over a much
longer term, selecting only the best values from when the ntp
daemon is running well.

This script looks to see if the ntpd is too far out of sync
with the true time and has therefore munged the ntp.drift
value too much. While ntpd will eventually get back to normal
all by itself, it is generally *MUCH* quicker to reset the
drift file to a known good value (as found by calc_ntp_good),
and restart ntpd.

This is most useful for things like laptops, which are not
connected all the time and have power saving modes mess up the
real time clock. I happen to run it on my pool server also,
and it rarely does anything. Sometimes it will reset the ntpd
when my pipe has been saturated by a long, very large
download, or something.

If you want to use these scripts, I recommend having the
following entry in your root's crontab:

keeps track of how many ntp clients a give server has. If the
verbose option (-v) is given, it will also display a list of
clients that may be abusing the server, either by having many
clients from the same subnet using the server, or by having
very short poll times.

For some reason, my debian 4.2.0a ntpdc command frequently
times out with an "Response from server was incomplete"
message. This script just keeps retrying until it gets an
answer.

While I'm not an expert, I believe the information on this page is
correct. Please send suggestions and corrections to
the webmaster.
This web site runs on 100%
Open Source Software.
This web page was last changed on 04/13/2005 at 20:29:03.